diff --git a/Network/Wreq.hs b/Network/Wreq.hs
--- a/Network/Wreq.hs
+++ b/Network/Wreq.hs
@@ -98,6 +98,7 @@
     , oauth2Bearer
     , oauth2Token
     , awsAuth
+    , awsFullAuth
     , awsSessionTokenAuth
     -- ** Proxy settings
     , Proxy(Proxy)
@@ -599,6 +600,17 @@
                     -> Auth
 awsSessionTokenAuth version key secret sessionToken =
   AWSAuth version key secret (Just sessionToken)
+
+-- | AWS v4 request signature.
+--
+-- Example (note the use of TLS):
+--
+-- @
+--let opts = 'defaults' '&' 'Lens.auth' '?~' 'awsFullAuth' 'AWSv4' \"key\" \"secret\" (Just (\"service\", \"region\"))
+--'getWith' opts \"https:\/\/dynamodb.us-west-2.amazonaws.com\"
+-- @
+awsFullAuth :: AWSAuthVersion -> S.ByteString -> S.ByteString -> Maybe S.ByteString -> Maybe (S.ByteString, S.ByteString) -> Auth
+awsFullAuth = AWSFullAuth
 
 -- | Proxy configuration.
 --
diff --git a/Network/Wreq/Internal.hs b/Network/Wreq/Internal.hs
--- a/Network/Wreq/Internal.hs
+++ b/Network/Wreq/Internal.hs
@@ -42,7 +42,7 @@
 import qualified Network.HTTP.Client as HTTP
 import qualified Network.HTTP.Types as HTTP
 import qualified Network.Wreq.Internal.Lens as Lens
-import qualified Network.Wreq.Internal.AWS as AWS (signRequest)
+import qualified Network.Wreq.Internal.AWS as AWS (signRequest,signRequestFull)
 import qualified Network.Wreq.Internal.OAuth1 as OAuth1 (signRequest)
 import qualified Network.Wreq.Lens as Lens hiding (checkResponse)
 
@@ -131,6 +131,7 @@
     signRequest = maybe return f $ auth opts
       where
         f (AWSAuth versn key secret _) = AWS.signRequest versn key secret
+        f (AWSFullAuth versn key secret _ serviceRegion) = AWS.signRequestFull versn key secret serviceRegion
         f (OAuth1 consumerToken consumerSecret token secret) = OAuth1.signRequest consumerToken consumerSecret token secret
         f _ = return
 
@@ -152,6 +153,8 @@
     f (OAuth2Token token)   = setHeader "Authorization" ("token " <> token)
     -- for AWS request signature implementation, see Internal/AWS
     f (AWSAuth _ _ _ mSessionToken) =
+      maybe id (setHeader "X-Amz-Security-Token") mSessionToken
+    f (AWSFullAuth _ _ _ mSessionToken _) =
       maybe id (setHeader "X-Amz-Security-Token") mSessionToken
     f (OAuth1 _ _ _ _)      = id
 
diff --git a/Network/Wreq/Internal/AWS.hs b/Network/Wreq/Internal/AWS.hs
--- a/Network/Wreq/Internal/AWS.hs
+++ b/Network/Wreq/Internal/AWS.hs
@@ -3,7 +3,8 @@
 
 module Network.Wreq.Internal.AWS
     (
-      signRequest
+      signRequest,
+      signRequestFull
     ) where
 
 import Control.Applicative ((<$>))
@@ -42,7 +43,7 @@
 -- TODO: adjust when DELETE supports a body or PATCH is added
 signRequest :: AWSAuthVersion -> S.ByteString -> S.ByteString ->
                Request -> IO Request
-signRequest AWSv4 = signRequestV4
+signRequest AWSv4 aid key r = signRequestFull AWSv4 aid key Nothing r
 
 hexSha256Hash :: S.ByteString -> S.ByteString
 hexSha256Hash dta =
@@ -55,14 +56,19 @@
   in S.pack (show digest)
 
 
-signRequestV4 :: S.ByteString -> S.ByteString -> Request -> IO Request
-signRequestV4 key secret request = do
+signRequestFull :: AWSAuthVersion -> S.ByteString -> S.ByteString -> Maybe (S.ByteString, S.ByteString) -> Request -> IO Request
+signRequestFull AWSv4 = signRequestV4
+
+signRequestV4 :: S.ByteString -> S.ByteString -> Maybe (S.ByteString, S.ByteString) -> Request -> IO Request
+signRequestV4 key secret serviceRegion request = do
   !ts <- timestamp                         -- YYYYMMDDT242424Z, UTC based
   let origHost = request ^. host          -- potentially w/ runscope bucket
       runscopeBucketAuth =
         lookup "Runscope-Bucket-Auth" $ request ^. requestHeaders
       noRunscopeHost = removeRunscope origHost -- rm Runscope for signing
-      (service, region) = serviceAndRegion noRunscopeHost
+      (service, region) = case serviceRegion of
+        Nothing     -> serviceAndRegion noRunscopeHost
+        Just (a, b) ->　(a, b)
       date = S.takeWhile (/= 'T') ts      -- YYYYMMDD
       hashedPayload
         | request ^. method `elem` ["POST", "PUT"] = payloadHash req
diff --git a/Network/Wreq/Internal/Types.hs b/Network/Wreq/Internal/Types.hs
--- a/Network/Wreq/Internal/Types.hs
+++ b/Network/Wreq/Internal/Types.hs
@@ -183,6 +183,9 @@
           | AWSAuth AWSAuthVersion S.ByteString S.ByteString (Maybe S.ByteString)
             -- ^ Amazon Web Services request signing
             -- AWSAuthVersion key secret (optional: session-token)
+          | AWSFullAuth AWSAuthVersion S.ByteString S.ByteString  (Maybe S.ByteString) (Maybe (S.ByteString, S.ByteString))
+            -- ^ Amazon Web Services request signing
+            -- AWSAuthVersion key secret Maybe (service, region)
           | OAuth1 S.ByteString S.ByteString S.ByteString S.ByteString
             -- ^ OAuth1 request signing
             -- OAuth1 consumerToken consumerSecret token secret
diff --git a/Network/Wreq/Lens.hs b/Network/Wreq/Lens.hs
--- a/Network/Wreq/Lens.hs
+++ b/Network/Wreq/Lens.hs
@@ -146,7 +146,7 @@
 --import "Network.HTTP.Client" ('Network.HTTP.Client.defaultManagerSettings', 'Network.HTTP.Client.managerResponseTimeout')
 --
 --let opts = 'Network.Wreq.defaults' 'Control.Lens.&' 'manager' 'Control.Lens..~' Left ('Network.HTTP.Client.OpenSSL.opensslManagerSettings' 'OpenSSL.Session.context')
---                    'Control.Lens.&' 'manager' 'Control.Lens..~' Left ('Network.HTTP.Client.defaultManagerSettings' { 'Network.HTTP.Client.managerResponseTimeout' = Just 10000 } )
+--                    'Control.Lens.&' 'manager' 'Control.Lens..~' Left ('Network.HTTP.Client.defaultManagerSettings' { 'Network.HTTP.Client.managerResponseTimeout' = responseTimeoutMicro 10000 } )
 --
 --'Network.HTTP.Client.OpenSSL.withOpenSSL' $
 --  'Network.Wreq.getWith' opts \"https:\/\/httpbin.org\/get\"
diff --git a/Network/Wreq/Types.hs b/Network/Wreq/Types.hs
--- a/Network/Wreq/Types.hs
+++ b/Network/Wreq/Types.hs
@@ -38,7 +38,8 @@
     ) where
 
 import Control.Lens ((&), (.~))
-import Data.Aeson (Value, encode)
+import Data.Aeson (Encoding, Value, encode)
+import Data.Aeson.Encoding (encodingToLazyByteString)
 import Data.Int (Int8, Int16, Int32, Int64)
 import Data.Word (Word, Word8, Word16, Word32, Word64)
 import Network.HTTP.Client (Request(method))
@@ -64,6 +65,7 @@
 instance Postable S.ByteString
 instance Postable L.ByteString
 instance Postable Value
+instance Postable Encoding
 
 instance Putable Part where
     putPayload a = putPayload [a]
@@ -102,6 +104,9 @@
 instance Putable Value where
     putPayload = payload "application/json" . HTTP.RequestBodyLBS . encode
 
+instance Putable Encoding where
+    putPayload = payload "application/json" . HTTP.RequestBodyLBS .
+      encodingToLazyByteString
 
 instance FormValue T.Text where
     renderFormValue = T.encodeUtf8
diff --git a/changelog.md b/changelog.md
--- a/changelog.md
+++ b/changelog.md
@@ -1,5 +1,11 @@
 -*- markdown -*-
 
+2018-11-16 0.5.3.0
+
+* Added Postable/Putable on aeson encoding
+
+* Added better AWS signing for urls without region
+
 2018-03-01 0.5.2.1
 
 * Fixed some building issues with older versions
diff --git a/wreq.cabal b/wreq.cabal
--- a/wreq.cabal
+++ b/wreq.cabal
@@ -1,5 +1,5 @@
 name:                wreq
-version:             0.5.2.1
+version:             0.5.3.0
 synopsis:            An easy-to-use HTTP client library.
 description:
   .
